<?php
    session_start();
    require_once ('connection.inc.php');

/* ====================================
 * Check if a product exists after scan
 */
    // NEEDS TO USE POST!!!
    $employee_id = $_GET['emp_id'];
    $password = $_GET['password'];
    $shop_id = SHOP_ID;
    
    $sql = "SELECT employee_forename, employee_surname FROM af1_employee"
                . " WHERE employee_id = '$employee_id'"
                . " AND employee_password = '$password'"
                . " AND shop_id = '$shop_id'";
    //echo $sql;
    $result = mysqli_query($connection, $sql);
    $num_rows = mysqli_num_rows($result);
    
    if ($num_rows == 0) {
        echo "invalid";
        exit();
    }
    else if ($num_rows == 1) {
        $row = mysqli_fetch_assoc($result);
        $forename = $row['employee_forename'];
        $surname = $row['employee_surname'];
        echo "$forename $surname";
        $_SESSION['emp_id'] = $employee_id;
    }
    else {
        echo "duplicate found";
    }